Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2014-4014
HistoryJun 23, 2014 - 12:00 a.m.

CVE-2014-4014

2014-06-2300:00:00
ubuntu.com
ubuntu.com
15

6.2 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

25.4%

JSON

The capabilities implementation in the Linux kernel before 3.14.8 does not
properly consider that namespaces are inapplicable to inodes, which allows
local users to bypass intended chmod restrictions by first creating a user
namespace, as demonstrated by setting the setgid bit on a file with group
ownership of root.

Bugs

Notes

Author Note
jdstrand android kernels (goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 13.10 preview kernels android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels
OSVersionArchitecturePackageVersionFilename
ubuntu13.10noarchlinux<Β 3.11.0-26.45UNKNOWN
ubuntu14.04noarchlinux<Β 3.13.0-35.62UNKNOWN
ubuntu12.04noarchlinux-lts-quantal<Β 3.5.0-54.81~precise1UNKNOWN
ubuntu12.04noarchlinux-lts-raring<Β 3.8.0-44.66~precise1UNKNOWN
ubuntu12.04noarchlinux-lts-saucy<Β 3.11.0-26.45~precise1UNKNOWN
ubuntu12.04noarchlinux-lts-trusty<Β 3.13.0-35.62~precise1UNKNOWN

Related

prion 1
debiancve 1
exploitpack 1
nessus 16
seebug 1
zdt 1
f5 2
securityvulns 3
cve 1
exploitdb 1
openvas 48
amazon 1
mageia 8
ubuntu 6
oraclelinux 1
suse 2
kitploit 1
fedora 28
androidsecurity 1
prion
prion
Design/Logic Flaw
2014-06-23 11:21:00
debiancve
debiancve
CVE-2014-4014
2014-06-23 11:21:00
exploitpack
exploitpack
Linux Kernel 3.13 - SGID Privilege Escalation
2014-06-21 00:00:00
nessus
nessus
Fedora 19 : kernel-3.14.8-100.fc19 (2014-7426)
2014-06-23 00:00:00
Fedora 20 : kernel-3.14.8-200.fc20 (2014-7430)
2014-06-19 00:00:00
Amazon Linux AMI : kernel (ALAS-2014-368)
2014-10-12 00:00:00
seebug
seebug
Linux Kernel <= 3.13 - Local Privilege Escalation PoC (gid)
2014-07-01 00:00:00
zdt
zdt
Linux Kernel <= 3.13 - Local Privilege Escalation PoC (gid)
2014-06-22 00:00:00
f5
f5
SOL15677 - Linux kernel vulnerability CVE-2014-4014
2014-10-09 00:00:00
K15677 : Linux kernel vulnerability CVE-2014-4014
2014-10-09 00:00:00
securityvulns
securityvulns
[oss-security] CVE-2014-4014: Linux kernel user namespace bug
2014-06-17 00:00:00
[USN-2289-1] Linux kernel vulnerabilities
2014-07-21 00:00:00
Linux kernel multiple security vulnerabilities
2014-07-21 00:00:00
cve
cve
CVE-2014-4014
2014-06-23 11:21:00
exploitdb
exploitdb
Linux Kernel 3.13 - SGID Privilege Escalation
2014-06-21 00:00:00
openvas
openvas
Amazon Linux: Security Advisory (ALAS-2014-368)
2015-09-08 00:00:00
Mageia: Security Advisory (MGASA-2014-0273)
2022-01-28 00:00:00
Ubuntu: Security Advisory (USN-2287-1)
2014-07-21 00:00:00
amazon
amazon
Medium: kernel
2014-07-09 16:29:00
mageia
mageia
Updated kernel packages fixes security vulnerabilities
2014-06-23 01:13:23
Updated kernel packages fix security vulnerabilities
2014-08-06 00:08:48
Updated kernel-tmb package fixes security vulnerabilities
2014-08-18 13:14:56
ubuntu
ubuntu
Linux kernel (Saucy HWE) vulnerabilities
2014-07-17 00:00:00
Linux kernel (Quantal HWE) vulnerabilities
2014-07-17 00:00:00
Linux kernel vulnerabilities
2014-07-17 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2014-12-04 00:00:00
suse
suse
kernel: security and bugfix update (important)
2014-08-11 12:04:19
kernel: security and bugfix update (important)
2014-08-01 15:04:21
kitploit
kitploit
Kernelpop - Kernel Privilege Escalation Enumeration And Exploitation Framework
2017-11-04 13:30:00
fedora
fedora
[SECURITY] Fedora 20 Update: kernel-3.14.8-200.fc20
2014-06-18 22:25:48
[SECURITY] Fedora 20 Update: kernel-3.14.9-200.fc20
2014-06-30 10:29:23
[SECURITY] Fedora 20 Update: kernel-3.15.4-200.fc20
2014-07-11 02:02:48
androidsecurity
androidsecurity
Android Security Bulletinβ€”December 2016
2016-12-05 00:00:00

6.2 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

25.4%

JSON
Related for UB:CVE-2014-4014
prion1debiancve1exploitpack1nessus16seebug1zdt1f52securityvulns3cve1exploitdb1openvas48amazon1mageia8ubuntu6oraclelinux1suse2kitploit1fedora28androidsecurity1